Internet Archive Scholar

Using Static and Dynamic Malware features to perform Malware Ascription [article]

Jashanpreet Singh Sraw, Keshav Kumar
2021 arXiv   pre-print

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (1.1 MB)
https://web.archive.org/web/20211208133441/https://arxiv.org/ftp/arxiv/papers/2112/2112.02639.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL. The file type is application/pdf.

Malware ascription is a relatively unexplored area, and it is rather difficult to attribute malware and detect authorship. In this paper, we employ various Static and Dynamic features of malicious executables to classify malware based on their family. We leverage Cuckoo Sandbox and machine learning to make progress in this research. Post analysis, classification is performed using various deep learning and machine learning algorithms. Using the features gathered from VirusTotal (static) and
more » ... oo (dynamic) reports, we ran the vectorized data against Multinomial Naive Bayes, Support Vector Machine, and Bagging using Decision Trees as the base estimator. For each classifier, we tuned the hyper-parameters using exhaustive search methods. Our reports can be extremely useful in malware ascription.
arXiv:2112.02639v1 fatcat:63y3buhsbbh65mlvdzwmpmgqqu
Open Access
Citation

Jashanpreet Singh Sraw, Keshav Kumar. "Using Static and Dynamic Malware features to perform Malware Ascription." arXiv (2021)